Within a conventional authentication system, a hardware authenticator (sometimes called a token) and an authentication server work together to grant the token holder with login access using one-time use passwords (OTPs) which are often referred to as OTP codes, one-time passcodes, and pseudo-random numbers, among other terms. To this end, both the token and the authentication server share a symmetric key (i.e., a secret which is not otherwise known). The token uses this key to produce a series of one-time use passwords. Concurrently, the authentication server carries out the same operations on its end to produce the same series of one-time use passwords. Accordingly, at any time, the token holder is capable of providing a matching one-time use password from the token to the authentication server to prove that the token holder possesses the token. An authentication-based arrangement which carries out authentication in a manner which is similar to that explained above is described in U.S. Pat. No. 6,985,583, the teachings of which are hereby incorporated by reference in their entirety.
For the initially-described conventional authentication system, it is possible for each of the token and the server to generate a set of keys where keys are derived from precursor keys; and where each key may be involved in the derivation of one or more subordinate keys over time, as shown in FIG. 1. Examples of the relationship between the keys in such a structure are often shown as chains of key, a tree of keys, a branch of a tree of key, or some other representation. That is, these authentication devices carry out a first key derivation function to derive a first derived key from a master key. Next, these devices carry out a second key derivation function to derive a second derived key from the first derived key, and so on. Each key derivation function may include, as additional input, extra information (e.g., a nonce value, a predefined value, a group password, etc.) as an additional security measure. The devices then use the lowest-level derived key at the time of authentication to produce a one-time use password.
It should be understood that, if the keys of the token are corrupted (e.g., due to a gamma ray burst, thermal noise, a power glitch, radio frequency interference, etc.), such corruption typically is detected when the token holder tries to authenticate with the authentication server. In particular, the token holder tries to submit a password based on a corrupted key and the authentication server refuses to authenticate the token holder. After several futile authentication attempts, the token holder typically contacts an administrator of the authentication server who eventually determines that the token is defective and no longer useful. The administrator then provides the token holder with a new token to replace the defective token.